Jump to content

Want to know if there is a file we can predict for key id in JSON Web Token


Kok
 Share

Recommended Posts

I have JWT token and I want to modify the key id field. Kid field can be used for local files. I had verfied that /etc/passwd can be used but I don't know the content.

So I want to know some files that I can predict the content. The target website have 127.0.0.1/__sinatra__/404.png which I can download that png file. But I don't know the absolute path for that file.

Does anyone know the solution of my problem.? Please help me.

Link to comment
Share on other sites

If you can fingerprint the distro to one of the Debian varients, check /etc/debian_version or something like that, there are only a small number of possible values for that file.

/etc/shells is probably also fairly fixed.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...